This is a fun, no-cost privacy awareness event that starts October 14. Participants receive a daily privacy challenge to help them review their existing policies, create new policies, and improve privacy and security best practices. The challenges require ‘entry-level’ skills and are applicable to both office and personal use.

Each day, for fifteen days, participants receive an e-mail with a privacy challenge. The task is a privacy or security best practice that can be used in home or business. Each email includes a short description about why this is a good practice, how to start it, and links to additional resources. Each challenge will take about 15 minutes to complete.

The widespread availability of digital cameras (standalone, computer-based, in mobile phones) has made images broadly available for entertainment as well as for clinical teaching purposes. However, there are ethical and privacy issues that need to be carefully considered before whipping out the digital camera (or mobile phone) and taking a photo of an interesting skin lesion or post-operative result.

An article on the use of photography in clinical settings was recently highlighted by the CMPA and although the article was written in 2011, the points that are made are even more relevant in 2013 and should be reviewed by any physician who documents patient information using a digital camera.

Always obtain express consent before taking photographs of patients for clinical or promotional purposes and clearly explain to patients how the images will be used;

It is advisable to obtain written consent before proceeding. The CMPA article offers a number of useful criteria to include in a consent form;

Maintain the privacy of your patient's personal health information. This includes both anatomical information that could identify that individual (e.g. facial features, tattoos or other unique skin lesions) and digital information (file naming conventions or image tags). The former is something that most clinicians will easily recognize; however, for filing purposes, an image could be tagged with the patient's first and last name. If such an image is ever uploaded to a public website, even with the anatomical identifiers avoided, Google is incredibly efficient at indexing names and images. Anyone doing a simple Google image search on that individual's first and last name could be unpleasantly surprised to be presented with images of that individual;

Another caution. When embedding images in presentations, remove all personally identifiable information from the original files before sharing the presentations.
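As an added illustration of the file-level side of this caution (example code, not from the original post or any EMR product), the following Python walks the segment structure of a JPEG and drops the Exif, XMP/IPTC and comment segments where tags such as a patient name live, keeping only what a decoder needs to render the pixels. The file name itself still has to be checked by hand. The sample JPEG is constructed and carries no real image data.

```python
"""Strip identifying metadata (Exif, XMP, IPTC, comments) from a JPEG before sharing."""
import struct

SOI, EOI, SOS, COM = 0xD8, 0xD9, 0xDA, 0xFE
APP0, APP1, APP14 = 0xE0, 0xE1, 0xEE
STANDALONE = {0x01, *range(0xD0, 0xD8), SOI, EOI}      # markers with no length field
# Drop every application segment except JFIF (APP0) and the Adobe colour-transform
# marker (APP14): removing those two can change how decoders render the pixels.
DROP = ({m for m in range(0xE1, 0xF0)} - {APP14}) | {COM}


def iter_segments(data: bytes):
    """Yield (marker, whole_segment_bytes) for each segment after SOI.

    The entropy-coded scan after SOS is not segmented, so SOS is yielded with
    everything up to end-of-file (including EOI) as one chunk."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected 0xFF marker prefix at offset {pos}")
        marker = data[pos + 1]
        if marker in STANDALONE:
            yield marker, data[pos:pos + 2]
            pos += 2
            continue
        if marker == SOS:
            yield marker, data[pos:]
            return
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])  # length counts itself
        end = pos + 2 + length
        if end > len(data):
            raise ValueError(f"truncated segment 0x{marker:02X} at offset {pos}")
        yield marker, data[pos:end]
        pos = end


def strip_metadata(data: bytes) -> bytes:
    """Return a copy of the JPEG without Exif/XMP/IPTC/comment segments."""
    out = bytearray(b"\xff\xd8")
    for marker, seg in iter_segments(data):
        if marker not in DROP:
            out += seg
    return bytes(out)


def segment_payloads(data: bytes) -> dict:
    """Map marker -> payload bytes for the variable-length segments (for inspection)."""
    found = {}
    for marker, seg in iter_segments(data):
        if marker not in STANDALONE and marker != SOS:
            found[marker] = seg[4:]
    return found


def _seg(marker: int, payload: bytes) -> bytes:
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample: a structurally valid JPEG skeleton (no real picture) whose
# Exif and comment segments carry a patient name, as a mis-tagged clinical photo would.
SAMPLE = (
    b"\xff\xd8"
    + _seg(APP0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    + _seg(APP1, b"Exif\x00\x00" + b"ImageDescription=Jane Doe, left forearm lesion")
    + _seg(COM, b"Patient: Jane Doe, MRN 000000 (constructed)")
    + _seg(0xDB, b"\x00" + bytes(64))          # DQT: one dummy quantisation table
    + bytes([0xFF, SOS]) + struct.pack(">H", 8) + b"\x01\x01\x00\x00\x3f\x00"
    + b"\x00\x01\x02"                          # placeholder entropy-coded bytes
    + b"\xff\xd9"
)

if __name__ == "__main__":
    cleaned = strip_metadata(SAMPLE)
    print(f"{len(SAMPLE)} -> {len(cleaned)} bytes; name still present:", b"Jane Doe" in cleaned)
```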

It may take a little more effort up front, however this is part of the due diligence necessary when dealing with sensitive patient information.

In January 2007, I published a presentation on SlideShare titled, “Using email in a medical practice. An overview of risks and benefits”. (Click here to view the deck.) Since that time, the presentation has been viewed more than 6,100 times and I still receive regular comments from viewers who find the content useful and relevant. When the Canadian Medical Protective Association (CMPA) published a revised guideline on the use of email to communicate with patients and associated legal risks, I thought it would be useful to review my original presentation and see how much has changed in the seven years since it was published.

I was pleasantly surprised when reviewing my original slide deck that none of the basic principles had really changed. The CMPA guideline is a refinement of many of the recommendations. It is a very useful document and should be required reading for anyone who uses email to communicate with patients. Highlights include:

Remembering to use the Bcc (blind carbon copy) field if sending emails to multiple individuals in a group in order to protect privacy. (I recently sent out some non-clinical emails and only realized after the fact that I had not bcc’d the recipients. Embarrassing mistake and one that is easy to make.)

If one uses a third-party or employer/hospital email system, those parties may have the right to access the email messages. Email messages sent via one of these systems may be subject to disclosure requests in the context of litigation or an access request by the Privacy Commissioner or College of Physicians and Surgeons. One can protect against this type of access by only sending sensitive emails using a personal computer that is not used by multiple individuals.

Consider the use of an email consent form (example from CMPA) to document consent to email communication and provide evidence that the patient has acknowledged the risks. This adds an administrative step to patient management, but could be handled by front-office staff at time of check-in or when registering new patients.

If you use a specific email address for work-related communications, consider adding an auto-reply message to acknowledge receipt of emails.

Avoid using acronyms in your emails as these can be very confusing to patients.

Be aware of any applicable statutory or College requirements in your province or territory.

Beyond any general email policy, these are important additional points to consider if you use email to communicate with patients and will allow you to tweak your email processes and policies.

Do you use email in your practice currently? Do you have any guidance or advice you would like to share?

The British Columbia College of Physicians and Surgeons has reminded physicians about the change to the retention of medical records as defined under section 3-6(2) of the Bylaws under the Health Professions Act. The Act has been amended to reflect the change to the Limitation Act. As of June 1, 2013, College registrants are expected to retain medical records for a minimum period of 16 years from the date of last entry or from the age of majority, whichever is later, except as otherwise required by law.

Highlights from an updated College Guideline on EMRs:

Physicians may choose either to scan paper records electronically in a “read only” format, e.g. pdf, or to start entering data from day one of their new EMR. Either way, the College recommends that paper records be kept in close proximity for at least six months. Unless they are completely scanned into the EMR, paper records must be kept indefinitely if the patient continues to attend. If the patient has left or moved, paper records must be kept for at least 16 years from the date of last patient contact (or until the patient reaches age 35 for patients under 19).

Physicians must ensure that complete medical records (paper, electronic, or a combination of both) are accessible at all clinical decision points and for the duration of the retention period prescribed under section 3–6 of the Bylaws under the Health Professions Act.

How does one prevent snooping of patient records through a hospital, regional or local clinical information system? Reading an article in The Medical Post earlier today titled 'Suspension, $22k fine for doctor who snooped into patient files', I was brought back to some work that I had done in 2006/2007 as a participant on the British Columbia eHealth provincial privacy working group. At that time we had many discussions regarding the privacy of patient information and the risk of inappropriate access by medical professionals.

The Medical Post article describes a situation in which an Edmonton physician at the Misericordia Hospital accessed the medical records of three patients with whom she did not have a physician relationship. The access took place via a hospital computer after a colleague failed to log out of a computer terminal. The disciplinary action was brought against the physician by the College of Physicians and Surgeons of Alberta and it was found that she was aware of the inappropriate access as well as the fact that she would not leave a fingerprint trace of her access as she used another physician's login to access the records.

This is one of those potentially avoidable situations that is unfortunate for both the patients and the perpetrating physician. After-the-fact identification of privacy breaches is the norm in today's world, in large part because the mechanisms to identify inappropriate actions generally operate through either a complaints or a post-event audit process. It is very difficult to avoid breaches such as this particular example, which appears to have had a calculated element to it, although the physician in question did not 'disclose or make use of the information' in any way. In addition to the fine, the physician received a 60 day suspension and was also ordered to attend an ethics class.

As EMR/EHR/Clinical systems become more commonplace in hospitals as well as a variety of other clinical settings, this incident raises a flag in two areas:

All clinical team members should receive more extensive training on appropriate access to and use of electronic health information, including the ethics related to inappropriate access, and

Clinical systems need to integrate more effective mechanisms to both identify inappropriate behaviours early through real-time analytics and integrate warnings and alerts that deter inappropriate access in advance of the actions occurring.

If this physician had been aware of the risks and realized that her behaviour was going to be detected, I doubt that she would have proceeded.
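As an added sketch of what the second point could look like in practice (illustrative code, not from the original post or any EMR product), the following Python screens record-access events as they arrive: it flags a user opening the record of a patient with whom they have no documented care relationship, and flags activity on a session that has sat idle long enough to suggest an unattended terminal, returning a decision a system could use to demand a justification before the record is displayed. The audit lines, care-team table and idle threshold are constructed.

```python
"""Real-time screening of EMR record-access events for possible snooping."""
import re
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) ws=(?P<ws>\S+) patient=(?P<patient>\S+) action=(?P<action>\S+)$"
)
IDLE_LIMIT = timedelta(minutes=15)   # assumed: how long an unattended session stays trusted

# Constructed care-team table: patient -> clinicians with a documented treating relationship.
CARE_TEAM = {
    "P1001": {"dr_lee", "rn_patel"},
    "P1002": {"dr_lee"},
    "P1003": {"dr_osei"},
}

# Constructed audit trail. dr_lee views her own patients and leaves the terminal at 14:03;
# much later, her still-open session is used to open P1003, whom she does not treat.
SAMPLE_LOG = """\
2013-09-10T14:01:05 user=dr_lee ws=ED-07 patient=P1001 action=view
2013-09-10T14:03:40 user=dr_lee ws=ED-07 patient=P1002 action=view
2013-09-10T14:05:10 user=dr_osei ws=ED-02 patient=P1003 action=view
2013-09-10T14:41:22 user=dr_lee ws=ED-07 patient=P1003 action=view
2013-09-10T14:42:01 user=dr_lee ws=ED-07 patient=P1001 action=view
"""


def parse(line: str) -> dict:
    """Turn one audit line into a dict with a datetime timestamp."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable audit line: {line!r}")
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev


class AccessScreen:
    """Evaluates each access as it happens and returns (decision, reasons).

    'allow'  - treating clinician on an active session
    'prompt' - show a justification prompt before the record opens (deterrence)
    'alert'  - prompt and also notify the privacy officer (both signals fired)
    """

    def __init__(self, care_team, idle_limit=IDLE_LIMIT):
        self.care_team = care_team
        self.idle_limit = idle_limit
        self.last_seen = {}             # (user, workstation) -> timestamp of last activity

    def evaluate(self, ev: dict):
        reasons = []
        key = (ev["user"], ev["ws"])
        prev = self.last_seen.get(key)
        if prev is not None and ev["ts"] - prev > self.idle_limit:
            reasons.append(f"session idle {ev['ts'] - prev} before use (unattended terminal?)")
        if ev["user"] not in self.care_team.get(ev["patient"], set()):
            reasons.append(f"{ev['user']} has no documented care relationship with {ev['patient']}")
        self.last_seen[key] = ev["ts"]
        if not reasons:
            return "allow", reasons
        return ("alert" if len(reasons) == 2 else "prompt"), reasons


def screen_log(text: str, care_team=CARE_TEAM):
    """Run the screen over a log in arrival order; returns [(line_no, decision, reasons)]."""
    screen = AccessScreen(care_team)
    results = []
    for n, line in enumerate(text.splitlines(), 1):
        if line.strip():
            decision, reasons = screen.evaluate(parse(line))
            results.append((n, decision, reasons))
    return results


if __name__ == "__main__":
    for n, decision, reasons in screen_log(SAMPLE_LOG):
        print(n, decision, "; ".join(reasons))
```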

This week I am attending the Health 2.0 conference in San Francisco. These events are a great opportunity to see what is new and emerging in terms of healthcare providers and patients. The conference attracts a wide range of sponsors and presenters ranging from pharmaceutical and insurance companies to highly innovative startups — all trying to tap into the growing demand for social interaction between patients and their care providers.

But, I almost wonder whether the term Health 2.0 is already old and tired. After all, this is already the sixth annual conference by this name. In the hyper-rapid world of web and mobile technologies, what is new and innovative one year is standard fare the next and ready to retire the following year. The fact that the idea of Health 2.0 has managed to survive is related to the demand for venues to examine the world of healthcare delivery through a new set of lenses. The term Health 3.0 has already been around for some time based upon the concept of the “Semantic Web” in which unstructured or semi-structured data (in this case, healthcare data) is managed in a way that provides logical meaning to the information. In a Health 3.0 world, data can be used to personalize the user’s experience so that the information is relevant to that individual. It is the difference between being able to view general information vs. information that is relevant to problems and diseases of that individual.

If Health 3.0 is all about using data meaningfully to personalize an individual’s view of information, am I already beginning to visualize Health 4.0? Is this the environment in which machines or software applications (programmed with some degree of artificial intelligence) are able to make decisions on behalf of patients in order to produce the best clinical outcomes? With insufficient doctors and nurses to manage patient care, it is easy to envision alternate mechanisms to provide care. However, who defines the outcome measures and who provides governance and oversight over the individuals that develop the software and machines to ensure that they function ethically and appropriately? The whole picture is somewhat Orwellian in nature. No matter how good the intention, the potential for harm is just as prevalent.

Let me return to the present. I am looking forward to the conference and will report back on innovative products and concepts, particularly those that can be incorporated into medical practice settings.

The majority of physicians I know are very protective of their personal workspace. They do not like outsiders traipsing through their practices, potentially compromising patient privacy. They also do not like having anyone mess with their computers, servers, EMRs, and billing software. After all, if it is not broken, why fix it? In a solo or small medical practice, it can be difficult to justify the expense of regular computer and network maintenance, particularly when it comes at a cost that exceeds the medical practitioners’ hourly revenue-generating capabilities. However, without maintenance, both short- and long-term costs of an EMR can be significantly higher.

It can also be very challenging to find the right IT support services for your practice. In some settings, choice may be significantly limited by geography and availability of skilled personnel. In addition, hiring an IT consultant requires a different approach compared to the hiring of a full- or part-time employee. An IT consultant is generally brought in to complete a specific task in an area in which he/she has domain expertise. They are expensive contractors and, as a result, it is important to find the right person for the job at hand. Medical practices have certain unique requirements from a workflow and patient privacy perspective and ideally your IT consultant should have a basic understanding of medical privacy rules and practice operations. In addition, to extract the maximum value, you should clearly define your expectations upfront to ensure that the work is completed satisfactorily and according to plan.

How can you limit your risk and find the most appropriate person to assist with your IT needs?

Consider the following:

Do you need an IT consultant to support your hardware and computer network in your practice on an ongoing basis or do you intend to hire someone to assist your practice through the entire EMR selection and implementation process? In these two settings, your needs will be very different.

Pure technical support skills and services will be more widely available either locally through a small independent contractor or through a larger IT support company. These individuals know how to maintain hardware and networks and ensure that backups are done correctly in addition to replacing hardware components such as hard drives before they fail. Think of them as your preventive maintenance support. These individuals are also valuable to recommend new hardware (computers, printers, scanners, wireless routers) when these pieces of hardware need replacement as they work with technology and get to know the best and most cost-effective products.

Full service consultants are more difficult to identify and are in lower demand in Canada in comparison to the United States. These are individuals who have the skills and knowledge to conduct a full assessment of your practice (clinical and administrative needs) and lead the selection, product evaluation, implementation and early support when the product is implemented. In busy practices, the task of evaluation is frequently delegated to a staff member (medical office assistant or practice manager); the full service consultant would take over these roles on behalf of the practice. From a practical standpoint, hiring this type of individual is only cost-effective in a large practice (20+ physicians) in which there is a great deal of complexity and specific requirements that may be difficult to meet. Smaller practices should carefully evaluate the costs of this type of employment contract, as the time frames to select and implement EMRs are generally long (6 months+) and this could be an expensive proposition, in addition to duplicating some of the support services that are available at no cost to the practice through a provincial EMR program (e.g. POSP, PITO, OntarioMD etc.).

The most common scenario is one in which a practice will need an IT consultant to support the office network, computers and related hardware. How can you identify a trustworthy company or individuals to provide this kind of support service?

First, expect to spend some money for support on a regular basis. Having a consultant available only during a crisis does not make good business sense for either a consultant or for your practice. If your hardware gets to the point that it is riddled with viruses and hard drives are reaching the end of their lifespan, this is not a good time to call for help.

Speak to local colleagues in your area. Who have they used as an IT consultant and what is their experience? Quality of support, availability both on-site and by phone, cost of call outs as well as ongoing maintenance. Is the agreement for a certain number of hours per month or per quarter or do they have a fixed maintenance contract in which the consultant is paid a monthly fee to maintain the office hardware and network and is expected to do so on a regular basis?

If there is an EMR program in your province, speak with your designated practice advisor and find out if they can put you in contact with practices that use IT consultants. The EMR programs tend to remain agnostic and will not recommend individual contractors or companies, but they may know of practices that can provide some guidance.

Check references carefully. Do not miss this important step, and ensure that when you speak with references, you find out whether the individual concerned has a good understanding of medical practice settings. Do not forget to ask the most important question, "Given the choice, would you hire this contractor again?"

Have you had experience with IT consultants? Do you have suggestions for colleagues?

One of the most common questions physicians ask is what type of hardware should they purchase for their practice and EMR. But hardware should not drive the choice of software. The first and most important piece of advice is to talk to your EMR vendor to determine the technical requirements of their system and any recommendations they have regarding hardware for your practice. There are a wide range of choices to consider when selecting hardware depending on your practice and how much mobility you require in terms of your computing requirements.

Laptops vs. Desktops

One of the benefits of desktop computers is that they are relatively inexpensive and can be fixed securely in specific areas. In comparison to laptops and other mobile devices, they are more difficult to steal. It is also easier to replace keyboards or monitors if they are damaged. How should you position your computers in the exam room to ensure maximum interaction with your patients? Read this blog post for guidance on integrating computers for maximum patient benefit. In addition, you should consider the layout and integration of computers from the perspective of ergonomics and human factors in order to avoid medical conditions commonly faced by computer-dependent workers — such as eye strain from long hours looking at a computer monitor or carpal tunnel syndrome from repetitive strain injuries. Fortunately, most physicians are quite mobile in their practices and seldom work in a single position for extended periods of time.

Another resource section on CanadianEMR is medical office configurations with images of practices that have implemented EMRs including example layouts. Different individuals may have different preferences regarding the hardware that works best. For example, exam rooms may be assigned to each physician, in which case there may be the ability to customize specific rooms for special needs. The downside of too much customization is that it becomes more difficult to replace equipment or keep office furniture interchangeable, if items need to be replaced. Laptops are available in a number of formats ranging from the new light ultrabooks, Macbooks, more traditional laptops, or those that have touchscreens such as the HP ProBook Notebook and the Toshiba convertible laptops. Touchscreen laptops allow users to combine screen selection in addition to using a keyboard or touchpad. However, you should check and confirm that the laptops will offer decent battery life. There is nothing more frustrating than a computer that shuts down midway through a shift because the battery has died.

Tablet Computers & Mobile Devices

The prevalence of tablets such as Apple’s iPad and the Samsung Galaxy tablet has created a lot of excitement amongst healthcare providers. The iPad is the undisputed leader in healthcare, particularly with the recent release of the high resolution retina display. Tablets are relatively inexpensive and provide a comfortable and more natural mechanism to document encounters due to the form factor. When considering this type of device you will need to check with your EMR vendor to ensure they are supported and whether they offer full or limited functionality.

Many clinicians also like the ability to use smartphones such as the iPhone or Samsung Galaxy series phones to access certain parts of their EMR. If you use a web-based EMR that requires a browser plus a username and password you may not require additional apps or functionality. However, your view will be limited due to the small screen size. Devices such as the Samsung Galaxy Note are larger phones that are beginning to bridge the gap with traditional tablets. If you use mobile devices to access clinical information, make sure that you lock your device(s) and have an ability to “remote wipe” them in the event that your device is lost or stolen. Expect to see different sized devices in the next 12 months as tablets begin to service different sectors of the market. For example, although the traditional iPad is too large to carry in one’s coat pocket or hold with a single hand, devices that provide screens in the range of 7"–8" are going to become more popular. As with everything mobile, the device is important, but the App ecosystem is increasingly becoming the determining factor. Software is driving the hardware selection. Now, where have I heard that before?


Anyone who has implemented and used an EMR is aware of the terms Privacy and Security. However, what do they mean and how does one apply the concepts to the protection of personal patient data in the EMR-based practice? Privacy experts will describe privacy principles as enablers in the development of the right technology processes and software. While this is true if understood and applied in advance, privacy can also be a barrier to adoption, particularly if software was never designed with today’s privacy requirements in mind.

In 2005/2006, I was a member of a team of primary care physicians and specialists working on a primary care strategy for Vancouver Coastal Health. One of the strategies was the development of a Privacy Toolkit for the medical practice. Nigel Brown, Managing Consultant of the Security, Identity and Privacy Practice, IBM Global Technology Services, led the development of the toolkit and described privacy in the following ways:

Historical Definition — Physical Privacy: “the right to be left alone”

Modern Context — Information Privacy: “the right to have knowledge and control over information about you”

Information Privacy — Identifiable Information about an individual, including the following:

Security is the ability to protect the confidentiality, integrity and availability of information and computer resources, commonly summarized by the acronym CIA:

Confidentiality: Allowing access only by authorized individuals.

Integrity: Ensuring that information is not altered or tampered with by unauthorized individuals.

Availability: Ensuring that information is available when needed.

Confidentiality is the process of ensuring that information is accessible only to authorized individuals.

A failure in either security or confidentiality can compromise privacy. However, privacy can also be compromised through the use or misuse of information by authorized individuals.

What can you do within your office to protect privacy? The following are a number of suggestions that apply to both paper-based and EHR-based practices:

Position computers in administrative areas so that staff conversations cannot be overheard from public areas.

Place computers, printers, and other devices in non-public areas and rooms that can be locked.

Limit the display of personal information in areas where patients wait or walk to examination rooms.

Establish policies that encourage discretion when discussing patient information, particularly if there is a possibility of being overheard by other patients, for example in check-in areas.

The issues of Privacy and Security are complex and require a common sense approach to correctly apply the right principles to specific situations. To assist you further, the BC Medical Association provides a very useful resource on privacy issues.